Associating multiple security domains to application servers

ABSTRACT

Multiple security domains can be created and associated with various scopes within the cell allowing security configurations of each scope to be managed collectively. Examples of scopes include the entire cell, one or more application servers, one or more applications, one or more clusters, one or more service integration buses, one or more nodes, etc. Security configurations associated with the security domains can be applied to the scopes based on a hierarchy of the security domains. In addition, new security domains may be created automatically based on security requirements of newly installed applications.

BACKGROUND

Embodiments of the inventive subject matter generally relate to the field of application server security, and, more particularly, to associating multi-security domains to application servers.

Websphere® application servers are usually statically bound to a single security domain that is defined through a configuration procedure. The security domain corresponds to a set of security attributes that define the security behavior of the server at runtime. Static association to a single security domain disregards the variety of security environments in which applications may be deployed. For example, an application for accessing financial account information should be run in an environment with a higher level of security than an application that can be accessed anonymously. Deploying these different applications on the same application server that is statically bound to one security domain may be impractical.

SUMMARY

Embodiments include a computer implemented method directed to traversing a representation of a hierarchy of security domains until locating a first element of the representation that indicates the code resource. If the first element is associated with a scope of a first of the security domains that encompasses a group of code resources that include the code resource, a security configuration associated with the first element of the representation can be determined. The security configuration can be applied to the code resource.

Embodiments include a computer program product comprising a computer usable medium having computer usable program code. In some embodiments, the computer useable program code can be configured to traverse a representation of a hierarchy of security domains until locating a first element of the representation that indicates the code resource. If the first element is associated with a scope of a first of the security domains that encompasses a group of code resources that include the code resource, a security configuration associated with the first element of the representation can be determined. The security configuration can be applied to the code resource.

Embodiments include a computer program product comprising a computer usable medium having computer usable program code. In some embodiments, the computer useable program code can be configured to detect installation of an application on an application server. In some embodiments, security attributes of the application can be determined. A plurality of security domains associated with the application server can be determined. If the security attributes are not met by security configurations associated with the plurality of security domains, a first security domain can be created based on the security attributes. If a first of the plurality of security domains takes precedence over the first security domain, the application server can be dissociated from the first of the plurality of security domains. A security domain can be created. The application server can be associated with the new security domain in the security domain map.

Embodiments include an apparatus comprising one or more processing units, a network interface and a security domain unit. In some embodiments, the security domain unit is operable to traverse a representation of a hierarchy of security domains until locating a first element of the representation that indicates the code resource. If the first element is associated with a scope of a first of the security domains that encompasses a group of code resources that include the code resource, a security configuration associated with the first element of the representation can be determined. The security configuration can be applied to the code resource.

BRIEF DESCRIPTION OF THE DRAWINGS

The present embodiments may be better understood, and numerous objects, features, and advantages made apparent to those skilled in the art by referencing the accompanying drawings.

FIG. 1 is an example conceptual diagram of applying security to an application server based on a hierarchy of security domains.

FIG. 2 depicts a flowchart of example operations for applying security to an application server based on a hierarchy of security domains.

FIG. 3 depicts a flowchart of example operations for automatically updating an aggregate domain map.

FIG. 4 depicts a flowchart of example operations for automatically creating a security domain.

FIG. 5 depicts an example computer system.

DESCRIPTION OF EMBODIMENT(S)

The description that follows includes exemplary systems, methods, techniques, instruction sequences, and computer program products that embody techniques of the present inventive subject matter. However, it is understood that the described embodiments may be practiced without these specific details. For instance, although examples refer to Websphere application servers, embodiments may be implemented in other types of application servers, such as a WebLogic® server, a JOnAS application server, etc. In other instances, well-known instruction instances, protocols, structures, and techniques have not been shown in detail in order not to obfuscate the description.

A cell represents a logical and physical grouping of application servers that share a common management entity. A security domain is associated with the cell (“cell level security domain”) so that a security configuration of the cell level security domain is applied to all of the application servers in the cell. A group of the application servers may be running an application that requires a different security configuration than is indicated by the cell level security domain. A new security configuration can be created to override the cell level security configuration for an individual application server, but the new security configuration is not associated with other application servers in the group. So, security configurations to support the application are managed individually for each application server in the group. Multiple security domains can be created and associated with various scopes within the cell allowing security configurations of each scope to be managed collectively. Examples of scopes include the entire cell, one or more application servers, one or more applications, one or more clusters, one or more service integration buses, one or more nodes, etc. Security configurations associated with the security domains can be applied to the scopes based on a hierarchy of the security domains. In addition, new security domains may be created automatically based on security requirements of newly installed applications.

FIG. 1 is an example conceptual diagram of applying security to an application server based on a hierarchy of security domains. A cell 101 comprises node1 103, node2 105, and node3 107. Cells can be a logical and/or physical grouping of application servers that share common management entities. In this example, the security domain unit 121 is the management entity for cell1 101. Node1 103 comprises three application servers, server1 109, server2 111, and server m 113. Node3 comprises server1 115, server2 117, and server j 119. Although not shown, node1 103, node2 105, and node3 107 may contain additional application servers.

A security domain comprises a security configuration and an indication of a logical and/or physical grouping of code resources to which the security configuration should be applied. The logical and/or physical grouping of code resources subject to the security configuration of the security domain is the scope of the security domain. Examples of scopes include cells, one or more application servers, one or more applications, one or more clusters, one or more service integration buses, one or more nodes, etc. Examples of code resources include servlets, modules, applications, etc. In addition, a code resource can be deployed on one or more application servers. In this example, a representation of a security domains hierarchy 123 comprises a security domain with a server scope (“server level security domain”) 125, a security domain with a cluster scope (“cluster level security domain”) 127, and a security domain with a cell scope (“cell level security domain”) 129. Although not shown, the security domains hierarchy 123 may comprise additional security domains. For example, the security domains hierarchy 123 may comprise an additional server level security domain, and a security domain associated with an application (“application level security domain”). The server level security domain 125, cluster level security domain 127, and cell level security domain 129 can comprise respective security configurations.

A security configuration comprises one or more security settings that can be applied to application servers. Server level security domains can be associated with one or more individual application servers. Cluster level security domains can be associated with clusters of application servers in cells. Clusters can represent logical groupings of application servers that are similar in terms of configuration and functionality. For example, a cluster may comprise a group of web servers. Clusters may comprise application servers and nodes. Cell level security domains can be associated with each application server that belongs to a cell.

The server level security domain 125, cluster level security domain 127, and cell level security domain 129 can also comprise map1 131, map2 133, and mapn 135, respectively. Map 1 131, map2 133, and mapn 135 represent security domain maps that indicate the application servers that are within the scope of the respective security domains. In this example, map1 indicates that server2 111 of node 1 is associated with the server level security domain 125. Map2 127 indicates that servers in node2 105, server1 113 of node 1 103, server1 115 and serverj 119 of node3 107 are associated with the cluster level domain 127. Mapn 135 indicates that servers in cell 101 are associated with the cell level security domain 129. The configuration files and the domain maps can be stored as Extensible Markup Language (XML) files. The security domains hierarchy 123 can be represented by a file structure. For example, the security domains hierarchy 123 is represented by a top level folder called “security domains,” while the server level security domain 125, the cluster level security domain 127, and the cell level security domain 128 are represented by folders called “server domain,” “cluster domain,” and “cell domain,” respectively. The “security domains” folder contains the “server domain,” “cluster domain,” and “cell domain” folders. The “server domain,” “cluster domain,” and “cell domain” folders each contain a configuration file and a domain map.

At stage A, the security domain unit 121 detects startup of the server2 111. For example, the security domain unit 121 receives a request from server2 111 for a security configuration.

At stage B, the security domain unit 121 determines security domains associated with the server2 111. The security domain unit 121 determines the security domains associated with the server2 111 based on the map1 131, map2 133, and mapn 135. In this example, map1 131 indicates that the server level security domain 125 is associated with server2 111. Mapn 135 indicates that the cell level security domain 129 is associated with server2 111 because server2 belongs to cell1 101.

At stage C, the security domain unit 121 determines that the server level security domain 125 takes precedence over the cell level security domain 129. Security domains can be applied to application servers based on a precedence of the security domains' scopes. In this example, the scopes are cluster, server, and cell. So, the security domains are applied based on a precedence of cluster level, server level, then cell level. So, if an application server is not associated with a cluster level security domain and/or a server level security domain, the cell level security domain is applied to the application server. Although multiple security domains can be associated with an application server, a single security domain may be applied to the application server at one time. Associating application servers in a cell with multiple domains allows customization of security settings and collective management of the custom security settings over various scopes.

At stage D, the security domain unit 121 applies security settings of the server level security domain 125 to the server2 111. Security settings may comprise Java® Authentication and Authorization Service (JAAS) login modules, quality of service for Internet Inter-Object Request Broker Protocol (IIOP), authentication token mechanisms, encryption schemes, etc. For example, the security domain unit 121 applies the security settings of the server level security domain 125 to the server2 111 based on a configuration file in a “server domain” folder. Additionally, security settings for a specific security attribute can be applied to an application server based on a cell level security domain if a cluster level or server level security domain associated with the server does not define the specific security attribute. Other cell settings such as application installations, administrative options, etc. are applied to application servers regardless of the application servers' security domain associations.

Although examples refer to application servers being associated with security domains, embodiments are not so limited. Security domains can be associated with any group of code resources. For example, security domain 1 has a scope of cluster and the cluster comprises application 1, module 2, and application server 3. Security domain 2 has a scope of application 1. For application 1, security domain 2 has precedence over security domain 1, so security domain 2's security configuration is applied to application 1. Security domain 1's security configuration is applied to module 2, and application server 3.

FIG. 2 depicts a flowchart of example operations for applying security to an application server based on a hierarchy of security domains. Startup of a server is detected (block 201). For example, a security domain unit detects a discovery request from a server.

It is determined if the server belongs to a cluster level security domain (block 203). Cluster level security domains can be associated with a group of application servers that have similar functionality. The determination can be based on a domain map associated with the cluster level security domain. For example, a security domain unit determines that two cluster level security domains exist in a “security domains” folder. The security domain unit navigates to a folder for each cluster level domain. The security domain unit determines if the server is indicated in one of the map files stored in cluster level domain folders.

If the server belongs to the cluster level security domain, security settings indicated in a cluster level security configuration are applied to the server (block 204).

It is determined if there are security settings not indicated by the cluster level security configuration (block 205). For example, an application installed on an application server indicates four security attributes. The cluster level security configuration can be used to apply security settings that satisfy two of the security attributes, so there are two security attributes that cannot be satisfied by the cluster level security configuration.

If there are security settings not indicated by the cluster level security configuration, the security settings are applied based on a cell level security configuration (block 206).

If the server does not belong to the cluster level security domain, it is determined if the server belongs to a server level security domain (block 207). For example, a security domain unit determines if server_domain_map.xml file indicates that the server level security domain is associated with the server.

If the server belongs to the server level security domain, security settings indicated in a server level security configuration are applied to the server (block 209). For example, the security settings of the server level security domain are specified in a server_domain.xml configuration file. Server level security domains can be associated with one or more individual application servers.

It is determined if there are security settings not indicated by the server level security configuration (block 210).

If there are security settings not indicated by the server level security configuration, the security settings are applied based on a cell level security configuration (block 206). In addition, security settings that are not indicated by a cluster level security domain can be applied based on the server level security configuration if the application server is associated with the server level security domain.

If the server does not belong to the cluster level security domain or the server level security domain, security settings indicated in the security configuration of a cell level security domain are applied to the server (block 211). Applying cell level security settings can be a default condition because all application servers within a cell are associated with the cell level security domain.
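The FIG. 2 flow, written out as an added example (not code from the patent or from WebSphere): it resolves which domain applies to a server and fills settings the applied domain leaves undefined from lower-precedence domains, ending at the cell level. The XML element and attribute names, server names, and setting values are constructed for this example.

```python
import xml.etree.ElementTree as ET

# Constructed aggregate domain map. Element/attribute names, server names and
# setting values are assumptions for this example, not a WebSphere schema.
AGGREGATE_MAP = """\
<securityDomains>
  <domain name="cluster-web" scope="cluster">
    <member server="node2/server1"/>
    <member server="node3/server1"/>
    <setting name="tokenMechanism" value="token-v2"/>
  </domain>
  <domain name="server-finance" scope="server">
    <member server="node1/server2"/>
    <member server="node3/server1"/>
    <setting name="encryption" value="AES-128"/>
    <setting name="loginModule" value="finance-jaas"/>
  </domain>
  <domain name="cell-default" scope="cell">
    <setting name="encryption" value="none"/>
    <setting name="tokenMechanism" value="token-v1"/>
    <setting name="iiopQos" value="supported"/>
  </domain>
</securityDomains>
"""

# Precedence stated in the text: cluster level, then server level, then cell.
PRECEDENCE = ("cluster", "server", "cell")


def load_domains(xml_text):
    """Parse the map into a list of dicts sorted by scope precedence."""
    domains = []
    for el in ET.fromstring(xml_text).findall("domain"):
        scope = el.get("scope")
        if scope not in PRECEDENCE:
            raise ValueError(
                f"unknown scope {scope!r} in domain {el.get('name')!r}")
        domains.append({
            "name": el.get("name"),
            "scope": scope,
            "members": {m.get("server") for m in el.findall("member")},
            "settings": {s.get("name"): s.get("value")
                         for s in el.findall("setting")},
        })
    # sorted() is stable, so domains of equal scope keep their file order.
    return sorted(domains, key=lambda d: PRECEDENCE.index(d["scope"]))


def resolve(server, domains, required=()):
    """Return (applied_domain, effective_settings, unmet).

    applied_domain is the highest-precedence domain whose map lists the
    server (the cell domain covers every server). effective_settings maps
    each setting to (value, source_domain); settings the applied domain does
    not define are taken from lower-precedence domains (blocks 205-206 and
    210). unmet lists required attributes that no associated domain defines.
    """
    associated = [d for d in domains
                  if d["scope"] == "cell" or server in d["members"]]
    if not associated:
        raise LookupError(f"{server} is not covered by any security domain")
    effective = {}
    for dom in associated:                 # already in precedence order
        for key, value in dom["settings"].items():
            effective.setdefault(key, (value, dom["name"]))
    unmet = sorted(a for a in required if a not in effective)
    return associated[0]["name"], effective, unmet


if __name__ == "__main__":
    doms = load_domains(AGGREGATE_MAP)
    for srv in ("node1/server2", "node3/server1", "node1/server1"):
        applied, settings, _ = resolve(srv, doms)
        print(srv, "->", applied, settings)
```

Recording the source domain next to each value makes it visible when a server silently inherits a weaker cell-level default, as the unmapped `node1/server1` does here.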

Although FIG. 2 refers to a hierarchy based on server, cluster, and cell scopes, embodiments are not so limited. For example, a second hierarchy may be based on application, cluster, node, and cell scopes. In addition, security domains may be associated with one or more different scopes. For example, a security domain is associated with both an application server and an individual application. As another example, a security domain's scope encompasses two applets, and two applications on three application servers. A security configuration of the security domain can be individually applied to the two applets and two applications when the two applets and two applications are initialized.

Although examples refer to applying security domains to application servers at startup, embodiments are not so limited. For example, an application server may perform a refresh to update its security domain rather than restarting. The application server can be unavailable for a shorter amount of time due to a refresh than the application server would be for a restart.

Domain maps indicate application servers that are associated with certain security domains. However, the domain maps may be stored at the bottom of a file structure hierarchy. Browsing to the bottom of the file structure hierarchy for a large cell with many different security domains may be time consuming. An aggregate domain map comprising domain maps for each security domain in a cell can be created and stored in the top level of the file structure. The aggregate domain map can be a representation of a security domain hierarchy. For example, an aggregate domain map comprises a tree representation of a security domain hierarchy represented by nested XML tags. FIG. 3 depicts a flowchart of example operations for automatically updating an aggregate domain map. Modification of a security domain map is detected (block 301). For example, a security domain unit detects that the security domain map has been saved.

An aggregate domain map at the top of a security domain hierarchy is opened (block 303).

Information corresponding to the security domain map is located in the aggregate domain map (block 305). For example, the aggregate domain map and the security domain map are represented by XML files. The information corresponding to the security domain map in the aggregate domain map is indicated by a domain name XML tag in the aggregate domain map.

The information corresponding to the security domain map is overwritten with new information in the security domain map (block 307). The new information may comprise the entire security domain map or a portion of the security domain map that was modified. For example, the information in the aggregate domain map corresponding to the security domain map exists between domain name XML tags. The information between the domain name XML tags is overwritten with information in the security domain map.

The aggregate domain map is saved (block 309).
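An added example of the FIG. 3 update (not code from the patent): it overwrites one domain's entry in the aggregate map, reports which servers gained or lost the association so the change can be logged, and saves by writing a temporary file and renaming it. The XML layout and the sample data are constructed; treating a missing or duplicated entry as an error and saving by rename are choices made for this example.

```python
import os
import tempfile
import xml.etree.ElementTree as ET

# Constructed sample data; element and attribute names are assumptions.
SAMPLE_AGGREGATE = """\
<securityDomains>
  <domain name="cluster-web" scope="cluster">
    <member server="node2/server1"/>
    <member server="node3/server1"/>
  </domain>
  <domain name="server-finance" scope="server">
    <member server="node1/server2"/>
  </domain>
</securityDomains>
"""

SAMPLE_UPDATED_MAP = """\
<domain name="cluster-web" scope="cluster">
  <member server="node3/server1"/>
  <member server="node1/server3"/>
</domain>
"""


def _members(domain_el):
    return {m.get("server") for m in domain_el.findall("member")}


def members_of(aggregate_xml, name):
    """Sorted list of servers the aggregate map lists for one domain."""
    root = ET.fromstring(aggregate_xml)
    found = [d for d in root.findall("domain") if d.get("name") == name]
    return sorted(_members(found[0])) if found else []


def merge_domain_map(aggregate_xml, domain_map_xml):
    """Blocks 305-307: locate the entry by domain name and overwrite it.

    Returns (new_aggregate_xml, added_servers, removed_servers).
    """
    aggregate = ET.fromstring(aggregate_xml)
    updated = ET.fromstring(domain_map_xml)
    name = updated.get("name")
    if updated.tag != "domain" or not name:
        raise ValueError("domain map must be a <domain name=...> element")
    matches = [d for d in aggregate.findall("domain")
               if d.get("name") == name]
    if len(matches) != 1:
        # Zero or several entries: refuse instead of guessing which to edit.
        raise LookupError(
            f"expected one entry for {name!r}, found {len(matches)}")
    target = matches[0]
    before, after = _members(target), _members(updated)
    # Replace everything between the domain name tags.
    for child in list(target):
        target.remove(child)
    target.extend(list(updated))
    target.attrib.clear()
    target.attrib.update(updated.attrib)
    new_xml = ET.tostring(aggregate, encoding="unicode")
    return new_xml, sorted(after - before), sorted(before - after)


def save_atomically(path, xml_text):
    """Block 309: a reader never sees a half-written aggregate map."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, suffix=".tmp")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            fh.write(xml_text)
        os.replace(tmp, path)
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise


if __name__ == "__main__":
    xml_out, added, removed = merge_domain_map(SAMPLE_AGGREGATE,
                                               SAMPLE_UPDATED_MAP)
    print("added:", added, "removed:", removed)
```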

Security domains may be created manually by a cell administrator. For example, the cell administrator defines a cluster level domain when the cell administrator deploys a distributed application on a group of application servers. Security domains may also be created automatically. FIG. 4 depicts a flowchart of example operations for automatically creating a security domain. Installation of a new application on a server is detected (block 401).

Security attributes of the new application are determined (block 403). For example, the security attributes are determined from an attributes file in the application installation package. The security attributes indicate values for each security setting that should be applied for the application to run. For example, the security attributes of an application may indicate 128 bit Advanced Encryption Standard encryption.

Current security domains associated with the server are determined (block 405). For example, a server domain unit examines an aggregate domain map to determine the security domains that are associated with the server.

It is determined if the security attributes are satisfied by one of the current security domains associated with the server (block 407). Determining if the security attributes are met by one of the current security domains comprises comparing the security attributes with security settings indicated in security configuration corresponding to each current security domain.

If the security attributes are not satisfied by one of the current security domains, a new security domain is created based on the security attributes (block 409). For example, an XML file is created to indicate the security attributes. Before creating the new security domain, other security domains not associated with the server may be examined to determine if one of the other security domains meets the security attributes. If the security attributes are met by a first of the other security domains, the server is dissociated from any current security domains that may have precedence over the first security domain. The server is then associated with the first security domain.

It is determined if one or more of the current security domains takes precedence over the new security domain (block 411). For example, it is determined if a cluster level security domain map indicates the server and takes precedence over the new security domain.

If one or more of the current security domains takes precedence over the new security domain, the server is dissociated from the one or more current security domains (block 413). Dissociating the server from the one or more current security domains may comprise removing the server from scopes of the one or more current security domains. For example, a cluster level domain takes precedence over the new security domain, so a member XML tag that indicates the server is removed from a cluster_security_map.xml file.

If one or more of the current security domains does not take precedence over the new security domain, a new security domain map is created to associate the server with the new security domain (block 415) and flow ends. Associating the server with the new security domain can comprise defining a scope of the security domain. In this example, the server represents the scope of the new security domain. In other examples, the application, one or more modules within the application, etc. could represent the scope of the new security domain.

If the security attributes are satisfied by one of the current security domains, it is determined if others of the current security domains take precedence over the satisfying one of the current security domains (block 417). For example, if the security attributes are met by a current cell level security domain, the cell level security domain cannot be applied to the server until the server is dissociated from any current cluster level and/or current server level security domains because the cluster level and server level security domains take precedence over the current cell level domain.

If others of the current security domains take precedence over the current security domain that satisfies the security attributes, the server is dissociated from the others of the current security domains (block 419) and flow ends.
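An added example of the FIG. 4 decision (not code from the patent): given a new application's security attributes and the server's current domains, it returns a plan naming the domain to apply, any domain to create, and the domains the server must be dissociated from. The `Domain` class, the `auto-` naming, the sample values, treating an equal-scope domain as taking precedence, and the `review` list of settings that dissociation would drop are assumptions made for this example.

```python
from dataclasses import dataclass, field

# Precedence stated in the text: cluster level, then server level, then cell.
PRECEDENCE = ("cluster", "server", "cell")


@dataclass
class Domain:                      # hypothetical in-memory form of a domain
    name: str
    scope: str
    settings: dict = field(default_factory=dict)

    def satisfies(self, attributes):
        """Block 407: every attribute matches this domain's settings."""
        return all(self.settings.get(k) == v for k, v in attributes.items())


def rank(domain):
    return PRECEDENCE.index(domain.scope)


def plan_for_install(server, attributes, current):
    """Return the changes blocks 407-419 call for, without applying them."""
    current = sorted(current, key=rank)
    satisfying = [d for d in current if d.satisfies(attributes)]
    if satisfying:
        chosen, create = satisfying[0], None          # block 417
    else:
        # Block 409: new domain scoped to this server ("auto-" name is
        # hypothetical).
        chosen = Domain(f"auto-{server}", "server", dict(attributes))
        create = chosen
    # Blocks 411-413 and 419. Assumption: a different domain at the same
    # scope level would also shadow the chosen one, so ties count too.
    shadowing = [d for d in current
                 if d is not chosen and rank(d) <= rank(chosen)]
    # Settings the server loses by leaving those domains; a reviewer should
    # confirm none of them was a stricter control than what replaces it.
    review = {}
    for dom in shadowing:
        for key, value in dom.settings.items():
            if chosen.settings.get(key) != value:
                review[key] = value
    return {
        "apply": chosen.name,
        "create": create,
        "dissociate": [d.name for d in shadowing],
        "review": review,
    }


# Constructed sample state for one server.
SAMPLE_CURRENT = [
    Domain("cell-default", "cell",
           {"encryption": "none", "tokenMechanism": "token-v1"}),
    Domain("cluster-web", "cluster", {"tokenMechanism": "token-v2"}),
]

if __name__ == "__main__":
    print(plan_for_install("node2/server1", {"encryption": "AES-128"},
                           SAMPLE_CURRENT))
```

Returning a plan instead of editing the maps directly lets the dissociations be reviewed before a server leaves a cluster level domain.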

It should be understood that the depicted flowcharts are examples meant to aid in understanding embodiments and should not be used to limit embodiments or limit scope of the claims. Embodiments may perform additional operations, fewer operations, operations in a different order, operations in parallel, and some operations differently. Referring to FIG. 4, the operation for determining the security attributes of the new application and determining current security domains associated with the server may be interchanged.

Embodiments may take the form of an entirely hardware embodiment, a software embodiment (including firmware, resident software, micro-code, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a “circuit,” “module” or “system.” Furthermore, embodiments of the inventive subject matter may take the form of a computer program product embodied in any tangible medium of expression having computer usable program code embodied in the medium. The described embodiments may be provided as a computer program product, or software, that may include a machine-readable medium having stored thereon instructions, which may be used to program a computer system (or other electronic device(s)) to perform a process according to embodiments, whether presently described or not, since every conceivable variation is not enumerated herein. A machine-readable medium includes any mechanism for storing or transmitting information in a form (e.g., software, processing application) readable by a machine (e.g., a computer). The machine-readable medium may include, but is not limited to, magnetic storage medium (e.g., floppy diskette); optical storage medium (e.g., CD-ROM); magneto-optical storage medium; read only memory (ROM); random access memory (RAM); erasable programmable memory (e.g., EPROM and EEPROM); flash memory; or other types of medium suitable for storing electronic instructions. In addition, embodiments may be embodied in an electrical, optical, acoustical or other form of propagated signal (e.g., carrier waves, infrared signals, digital signals, etc.), or wireline, wireless, or other communications medium.

Computer program code for carrying out operations of the embodiments may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C++ or the like and conventional procedural programming languages, such as the “C” programming language or similar programming languages. The program code may execute entirely on a user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN), a personal area network (PAN), or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).

FIG. 5 depicts an example computer system. A computer system includes a processor unit 501 (possibly including multiple processors, multiple cores, multiple nodes, and/or implementing multi-threading, etc.). The computer system includes memory 507. The memory 507 may be system memory (e.g., one or more of cache, SRAM, DRAM, zero capacitor RAM, Twin Transistor RAM, eDRAM, EDO RAM, DDR RAM, EEPROM, NRAM, RRAM, SONOS, PRAM, etc.) or any one or more of the above already described possible realizations of machine-readable media. The computer system also includes a bus 503 (e.g., PCI, ISA, PCI-Express, HyperTransport®, InfiniBand®, NuBus, etc.), a network interface 505 (e.g., an ATM interface, an Ethernet interface, a Frame Relay interface, SONET interface, wireless interface, etc.), and a storage device(s) 509 (e.g., optical storage, magnetic storage, etc.). The computer system also includes a security domain unit 521 that determines security domains associated with a server and applies settings of one of the security domains to the server based on a hierarchy. Any one of these functionalities may be partially (or entirely) implemented in hardware and/or on the processing unit 501. For example, the functionality may be implemented with an application specific integrated circuit, in logic implemented in the processing unit 501, in a co-processor on a peripheral device or card, etc. Further, realizations may include fewer or additional components not illustrated in FIG. 5 (e.g., video cards, audio cards, additional network interfaces, peripheral devices, etc.). The processor unit 501, the storage device(s) 509, and the network interface 505 are coupled to the bus 503. Although illustrated as being coupled to the bus 503, the memory 507 may be coupled to the processor unit 501.

While the embodiments are described with reference to various implementations and exploitations, it will be understood that these embodiments are illustrative and that the scope of the inventive subject matter is not limited to them. In general, techniques for associating multiple security domains to application servers as described herein may be implemented with facilities consistent with any hardware system or hardware systems. Many variations, modifications, additions, and improvements are possible.

Plural instances may be provided for components, operations, or structures described herein as a single instance. Finally, boundaries between various components, operations, and data stores are somewhat arbitrary, and particular operations are illustrated in the context of specific illustrative configurations. Other allocations of functionality are envisioned and may fall within the scope of the inventive subject matter. In general, structures and functionality presented as separate components in the exemplary configurations may be implemented as a combined structure or component. Similarly, structures and functionality presented as a single component may be implemented as separate components. These and other variations, modifications, additions, and improvements may fall within the scope of the inventive subject matter.

1. A computer implemented method comprising: traversing a representationof a hierarchy of security domains until locating a first element of therepresentation that indicates a code resource, wherein the code resourcecomprises program code that is deployed on an application server;determining that the first element is associated with a scope of a firstof the security domains that encompasses a group of code resources thatinclude the code resource, wherein the first element represents thefirst security domain; determining a security configuration associatedwith the first element of the representation; and applying the securityconfiguration to the code resource.
 2. The computer implemented methodof claim 1, wherein the first element comprises a security domain map.3. The computer implemented method of claim 1 further comprising:determining that the security configuration does not indicate a firstsecurity setting that should be applied to the code resource; traversingthe representation of the hierarchy of security domains until locating asecond element of the representation that indicates the code resource;determining that the second element is associated with a second scope ofa second of the security domains, wherein the second scope encompasses asecond group of code resources that includes the code resource;determining a second security configuration that indicates the firstsecurity setting is associated with the second element of therepresentation, wherein the second security configuration is associatedwith the second element; and applying the first security setting to thesecond code resource.
4. The computer implemented method of claim 1, wherein the scope comprises one of individual application servers, groups of application servers, individual applications, groups of applications, individual clusters, groups of clusters, service integration buses, nodes, and groups of nodes.
5. The computer implemented method of claim 1 further comprising: detecting installation of a second code resource on the application server; determining security attributes of the second code resource, wherein the security attributes indicate values to be applied to security settings for the second code resource; traversing the representation of the hierarchy of security domains until locating a plurality of elements of the representation with respective scopes that encompass the application server; determining a plurality of security configurations associated with the plurality of elements; determining that a second security configuration should be created because the security attributes of the second code resource are not met by security settings indicated by any of the plurality of security configurations; creating the second security configuration to satisfy the security attributes of the second code resource; creating a second element of the hierarchy; associating the second element with the second security configuration; defining a second scope to encompass a second group of codes resources that includes the second code resource; and associating the second scope with the second element.
6. The computer implemented method of claim 5, wherein determining that the second security configuration should be created because the security attributes are not met by security settings indicated by any of the plurality of security configurations comprises comparing the security attributes with security settings indicated by the plurality of security configurations.
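
The method of claims 1, 3, 5 and 6, sketched as an added example that is not part of the patent text or of any product's code. The `DomainMap` class, the function names, the sample domains and setting names are hypothetical, and treating list order as precedence, reusing a matching domain, and placing a new domain first are assumptions.

```python
from dataclasses import dataclass

@dataclass
class DomainMap:
    """One element of the hierarchy: a security domain, its scope, its configuration."""
    name: str
    scope: set    # names of the code resources and servers the domain encompasses
    config: dict  # security settings this domain defines (it may omit some)

def resolve(hierarchy, resource, wanted):
    """Claims 1 and 3: per setting, use the first element whose scope covers
    the resource and whose configuration indicates that setting."""
    effective, source = {}, {}
    for setting in wanted:
        for element in hierarchy:  # assumption: list order = precedence
            if resource in element.scope and setting in element.config:
                effective[setting] = element.config[setting]
                source[setting] = element.name
                break
    return effective, source

def on_install(hierarchy, server, app, attributes):
    """Claims 5 and 6: compare the app's security attributes with every
    configuration whose scope covers the server; create a domain if none fits."""
    for element in [e for e in hierarchy if server in e.scope]:
        if all(element.config.get(k) == v for k, v in attributes.items()):
            element.scope.add(app)  # assumption: reuse the matching domain
            return element
    created = DomainMap(f"auto-{app}", {app}, dict(attributes))
    hierarchy.insert(0, created)    # assumption: new domain takes precedence
    return created

def sample_hierarchy():
    """Constructed sample data; domain, resource and setting names are made up."""
    return [
        DomainMap("finance-domain", {"server1", "bankApp"},
                  {"transport": "tls-required"}),
        DomainMap("cell-domain", {"server1", "server2", "bankApp", "wikiApp"},
                  {"transport": "tls-optional", "user_registry": "ldap"}),
    ]

if __name__ == "__main__":
    h = sample_hierarchy()
    print(resolve(h, "bankApp", ["transport", "user_registry"]))
    print(on_install(h, "server1", "payApp",
                     {"transport": "tls-required", "user_registry": "local"}).name)
```

The `source` map returned by `resolve` records which domain supplied each setting, which is what an audit needs when a setting omitted from a narrow domain is inherited from a broader one.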
7. A computer program product for associating multiple security domains with an application server, the computer program product comprising: a computer usable medium having computer usable program code embodied therewith, the computer usable program code comprising: computer usable program code configured to, traverse a representation of a hierarchy of security domains until locating a first element of the representation that indicates a code resource, wherein the code resource comprises program code that is deployed on an application server; determine that the first element is associated with a scope of a first of the security domains that encompasses a group of code resources that include the code resource, wherein the first element represents the first security domain; determine a security configuration associated with the first element of the representation; and apply the security configuration to the code resource.
8. The computer program product of claim 7, wherein the computer useable program code is further configured to: determine that the security configuration does not indicate a first security setting that should be applied to the code resource; traverse the representation of the hierarchy of security domains until locating a second element of the representation that indicates the code resource; determine that the second element is associated with a second scope of a second of the security domains, wherein the second scope encompasses a second group of code resources that includes the code resource; determine a second security configuration that indicates the first security setting is associated with the second element of the representation, wherein the second security configuration is associated with the second element; and apply the first security setting to the second code resource.
9. The computer program product of claim 7, wherein the scope comprises one of individual application servers, groups of application servers, individual applications, groups of applications, individual clusters, groups of clusters, service integration buses, nodes, and groups of nodes.
10. The computer program product of claim 7 comprises the computer useable program code being further configured to: detect installation of a second code resource on the application server; determine security attributes of the second code resource, wherein the security attributes indicate values to be applied to security settings for the second code resource; traverse the representation of the hierarchy of security domains until locating a plurality of elements of the representation with respective scopes that encompass the application server; determine a plurality of security configurations associated with the plurality of elements; determine that a second security configuration should be created because the security attributes of the second code resource are not met by security settings indicated by any of the plurality of security configurations; create the second security configuration to satisfy the security attributes of the second code resource; create a second element of the hierarchy; associate the second element with the second security configuration; define a second scope to encompass a second group of codes resources that includes the second code resource; and associate the second scope with the second element.
11. The computer program product of claim 10, wherein the computer useable program code being configured to determine that the second security configuration should be created because the security attributes are not met by security settings indicated by any of the plurality of security configurations comprises the computer useable program code being configured to compare the security attributes with security settings indicated by the plurality of security configurations.
12. A computer program product for associating multiple security domains with an application server, the computer program product comprising: a computer usable medium having computer usable program code embodied therewith, the computer usable program code comprising: computer usable program code configured to, detect installation of an application on an application server; determine security attributes of the application, wherein the attributes indicate values to be applied to security settings; determine a plurality of security domains associated with the application server; determine that the security attributes are not met by security configurations associated with the plurality of security domains; create a first security domain based on the security attributes; create a security domain map, wherein the security domain map is associated with the first security domain; associate the application with the new security domain in the security domain map; determine that a first security configuration associated with a first of the plurality of security domains would be applied to the application server because the first of the plurality of security domains takes precedence over the first security domain; and dissociate the application server from the first of the plurality of security domains.
13. The computer program product of claim 12, wherein said determine that the security attributes are not met by security configurations associated with the plurality of security domains comprises comparing the security attributes with security settings indicated by the security configurations associated with the plurality of security domains.
14. The computer program product of claim 12, wherein the computer useable program code being configured to dissociate the application server from the first of the plurality of security domains comprises the computer useable program code being configured to remove an indication of the application server from a second security domain map associated with the first of the plurality of security domains.
15. An apparatus comprising: one or more processing units; a network interface; and a security domain unit operable to, traverse a representation of a hierarchy of security domains until locating a first element of the representation that indicates a code resource, wherein the code resource comprises program code that is deployed on an application server; determine that the first element is associated with a scope of a first of the security domains that encompasses a group of code resources that include the code resource, wherein the first element represents the first security domain; determine a security configuration associated with the first element of the representation; and apply the security configuration to the code resource.
16. The apparatus of claim 15, wherein the first element comprises a security domain map.
17. The apparatus of claim 15 comprises the security domain unit being further operable to: determine that the security configuration does not indicate a first security setting that should be applied to the code resource; traverse the representation of the hierarchy of security domains until locating a second element of the representation that indicates the code resource; determine that the second element is associated with a second scope of a second of the security domains, wherein the second scope encompasses a second group of code resources that includes the code resource; determine a second security configuration that indicates the first security setting is associated with the second element of the representation, wherein the second security configuration is associated with the second element; and apply the first security setting to the second code resource.
18. The apparatus of claim 15, wherein the scope comprises one of individual application servers, groups of application servers, individual applications, groups of applications, individual clusters, groups of clusters, service integration buses, nodes, and groups of nodes.
19. The apparatus of claim 15 comprises the security domain unit being further operable to: detect installation of a second code resource on the application server; determine security attributes of the second code resource, wherein the security attributes indicate values to be applied to security settings for the second code resource; traverse the representation of the hierarchy of security domains until locating a plurality of elements of the representation with respective scopes that encompass the application server; determine a plurality of security configurations associated with the plurality of elements; determine that a second security configuration should be created because the security attributes of the second code resource are not met by security settings indicated by any of the plurality of security configurations; create the second security configuration to satisfy the security attributes of the second code resource; create a second element of the hierarchy; associate the second element with the second security configuration; define a second scope to encompass a second group of codes resources that includes the second code resource; and associate the second scope with the second element.
20. The apparatus of claim 19, wherein the security domain unit being operable to determine that the second security configuration should be created because the security attributes are not met by security settings indicated by any of the plurality of security configurations comprises the security domain unit being operable to compare the security attributes with security settings indicated by the plurality of security configurations.